Multiple vulnerabilities exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3, V7.2.1, V7.2.0.2, and V7.1.2, and IBM Platform Symphony V7.1.1 and V7.1 Fix Pack 1. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.10.1 (which resolves these vulnerabilities) are available on IBM Fix Central.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Spectrum Symphony | 7.3 |
| IBM Spectrum Symphony | 7.2.1 |
| IBM Spectrum Symphony | 7.2.0.2 |
| IBM Spectrum Symphony | 7.1.2 |
| IBM Platform Symphony | 7.1.1 |
| IBM Platform Symphony | 7.1 Fix Pack 1 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6174489
The post Security Bulletin: Multiple vulnerabilities in jackson-databind affect IBM Platform Symphony and IBM Spectrum Symphony appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/3eaQFRe
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.